Add Password Algorithm option to install page (#14701)

Add Password Algorithm option to install page

Fix #14674 

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
This commit is contained in:
zeripath 2021-02-16 22:37:20 +00:00 committed by GitHub
parent 66a148e398
commit ad43b119a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 36 additions and 1 deletions

View file

@ -56,7 +56,17 @@ const (
algoScrypt = "scrypt"
algoArgon2 = "argon2"
algoPbkdf2 = "pbkdf2"
)
// AvailableHashAlgorithms represents the available password hashing algorithms
var AvailableHashAlgorithms = []string{
algoPbkdf2,
algoArgon2,
algoScrypt,
algoBcrypt,
}
const (
// EmailNotificationsEnabled indicates that the user would like to receive all email notifications
EmailNotificationsEnabled = "enabled"
// EmailNotificationsOnMention indicates that the user would like to be notified via email when mentioned.

View file

@ -60,6 +60,8 @@ type InstallForm struct {
DefaultEnableTimetracking bool
NoReplyAddress string
PasswordAlgorithm string
AdminName string `binding:"OmitEmpty;AlphaDashDot;MaxSize(30)" locale:"install.admin_name"`
AdminPasswd string `binding:"OmitEmpty;MaxSize(255)" locale:"install.admin_password"`
AdminConfirmPasswd string

View file

@ -205,6 +205,8 @@ default_enable_timetracking = Enable Time Tracking by Default
default_enable_timetracking_popup = Enable time tracking for new repositories by default.
no_reply_address = Hidden Email Domain
no_reply_address_helper = Domain name for users with a hidden email address. For example, the username 'joe' will be logged in Git as 'joe@noreply.example.org' if the hidden email domain is set to 'noreply.example.org'.
password_algorithm = Password Hash Algorithm
password_algorithm_helper = Set the password hashing algorithm. Algorithms have differing requirements and strength. `argon2` whilst having good characteristics uses a lot of memory and may be inappropriate for small systems.
[home]
uname_holder = Username or Email Address

View file

@ -66,6 +66,7 @@ func InstallInit(next http.Handler) http.Handler {
"TmplLoadTimes": func() string {
return time.Since(startTime).String()
},
"PasswordHashAlgorithms": models.AvailableHashAlgorithms,
},
}
ctx.Req = context.WithContext(req, &ctx)
@ -142,6 +143,7 @@ func Install(ctx *context.Context) {
form.DefaultAllowCreateOrganization = setting.Service.DefaultAllowCreateOrganization
form.DefaultEnableTimetracking = setting.Service.DefaultEnableTimetracking
form.NoReplyAddress = setting.Service.NoReplyAddress
form.PasswordAlgorithm = setting.PasswordHashAlgo
middleware.AssignForm(form, ctx.Data)
ctx.HTML(200, tplInstall)
@ -185,6 +187,8 @@ func InstallPost(ctx *context.Context) {
setting.Database.Charset = form.Charset
setting.Database.Path = form.DbPath
setting.PasswordHashAlgo = form.PasswordAlgorithm
if (setting.Database.Type == "sqlite3") &&
len(setting.Database.Path) == 0 {
ctx.Data["Err_DbPath"] = true
@ -380,6 +384,9 @@ func InstallPost(ctx *context.Context) {
return
}
cfg.Section("security").Key("SECRET_KEY").SetValue(secretKey)
if len(form.PasswordAlgorithm) > 0 {
cfg.Section("security").Key("PASSWORD_HASH_ALGO").SetValue(form.PasswordAlgorithm)
}
err = os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm)
if err != nil {

View file

@ -267,6 +267,20 @@
<input id="_no_reply_address" name="no_reply_address" value="{{.no_reply_address}}">
<span class="help">{{.i18n.Tr "install.no_reply_address_helper"}}</span>
</div>
<div class="inline field">
<label for="password_algorithm">{{.i18n.Tr "install.password_algorithm"}}</label>
<div class="ui selection dropdown">
<input id="password_algorithm" type="hidden" name="password_algorithm" value="{{.password_algorithm}}">
<div class="text">{{.password_algorithm}}</div>
{{svg "octicon-triangle-down" 14 "dropdown icon"}}
<div class="menu">
{{range .PasswordHashAlgorithms}}
<div class="item" data-value="{{.}}">{{.}}</div>
{{end}}
</div>
</div>
<span class="help">{{.i18n.Tr "install.password_algorithm_helper"}}</span>
</div>
</div>
</div>